Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/GSEh8gIZdCBsRKOnb9fKkFOFuZk.roa
File: GSEh8gIZdCBsRKOnb9fKkFOFuZk.roa (raw, json)
Hash identifier: u2uTEL6Ts0fKYl8Es1LELd2Ambr6iVn6vwhJ7qDD50c=
Subject key identifier: 19:21:21:F2:02:19:74:20:6C:44:A3:A7:6F:D7:CA:90:53:85:B9:99
Certificate issuer: /CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Certificate serial: 019421445686A45B7216901609288031FAD7
Authority key identifier: 3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/GSEh8gIZdCBsRKOnb9fKkFOFuZk.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20253
IP address blocks: 84.201.208.0/20 maxlen: 24
84.201.221.0/24 maxlen: 24
146.19.181.0/24 maxlen: 26
217.20.48.0/24 maxlen: 24
217.20.49.0/24 maxlen: 24
217.20.50.0/24 maxlen: 24
217.20.51.0/24 maxlen: 24
217.20.52.0/24 maxlen: 24
217.20.53.0/24 maxlen: 24
217.20.54.0/24 maxlen: 24
217.20.55.0/24 maxlen: 24
217.20.56.0/24 maxlen: 24
217.20.57.0/24 maxlen: 24
217.20.58.0/24 maxlen: 24
217.20.59.0/24 maxlen: 24
217.20.60.0/24 maxlen: 24
217.20.61.0/24 maxlen: 24
217.20.62.0/24 maxlen: 24
217.20.63.0/24 maxlen: 24
2a12:45c7:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:56:86:a4:5b:72:16:90:16:09:28:80:31:fa:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec63e5db0435c2d3e74a6b28ad3d9c30d6a8cee
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=192121f2021974206c44a3a76fd7ca905385b999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:29:67:99:89:6d:45:1a:d8:e0:81:ad:af:2f:
17:6f:92:25:84:e3:5c:3d:bb:a7:6b:75:95:ad:78:
bc:14:72:6a:d3:18:de:19:ad:b2:ea:93:58:f5:68:
7a:3f:17:92:ba:0b:1c:ea:83:a2:ad:95:17:9a:d5:
24:a5:01:b8:0e:5a:ed:2b:6f:6e:f9:0a:15:1b:49:
7e:3e:a5:91:68:8f:49:22:31:d1:16:21:9b:db:94:
0f:7e:71:60:b5:dc:2f:8a:17:8b:54:1f:78:ac:4a:
15:7c:63:62:da:00:5f:52:7b:7f:50:6d:cc:93:4b:
3b:d1:da:fb:f2:fb:75:ae:e4:83:27:1b:fb:44:71:
ea:b7:eb:78:33:73:dd:fe:ff:40:39:3b:10:e0:ef:
33:2b:65:93:86:fc:ee:bd:a6:ca:b3:ba:bc:cd:dc:
92:20:39:01:93:f8:b7:ba:7f:7a:1c:ce:f2:5a:5a:
71:99:8a:71:b1:a7:15:99:ff:1b:ae:7e:88:c9:7e:
72:6c:9b:76:5e:f1:7e:1b:1d:97:83:59:48:32:77:
c5:79:6a:b6:6e:3a:a0:ea:a4:db:bc:38:32:ce:27:
08:bb:12:ba:ea:f4:de:40:de:b9:f8:53:8f:f6:7c:
56:6a:b3:41:31:61:28:2f:ef:96:b4:b2:fb:4b:2b:
00:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:21:21:F2:02:19:74:20:6C:44:A3:A7:6F:D7:CA:90:53:85:B9:99
X509v3 Authority Key Identifier:
keyid:3E:C6:3E:5D:B0:43:5C:2D:3E:74:A6:B2:8A:D3:D9:C3:0D:6A:8C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsY-XbBDXC0-dKayitPZww1qjO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/GSEh8gIZdCBsRKOnb9fKkFOFuZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/46d943-8cbd-41a2-b9f2-52058f8a9a1a/1/PsY-XbBDXC0-dKayitPZww1qjO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.201.208.0/20
146.19.181.0/24
217.20.48.0/20
IPv6:
2a12:45c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
79:a3:10:56:e1:06:09:2c:51:e5:98:ef:e3:fd:af:5d:27:ad:
71:9e:59:e5:96:e3:99:45:fe:fe:3d:b6:b3:b6:ca:61:62:5e:
45:ca:f6:54:c8:a8:fa:0b:f9:42:dd:01:16:03:28:a5:9e:29:
8c:76:b1:70:41:51:95:bf:11:04:36:97:39:59:1e:94:2f:20:
5c:60:75:b9:53:ac:2b:ff:63:94:f3:a0:be:07:16:48:74:2c:
b0:70:c4:4c:9d:9d:0d:c2:d9:b2:e4:9e:56:3a:40:2f:50:b3:
65:34:10:1c:4d:e4:3a:b1:fe:c3:f4:52:06:67:0e:3a:08:60:
40:32:fb:de:18:e8:5b:f8:82:51:40:2c:f6:5b:80:15:5a:25:
f7:dc:c8:bc:95:a5:cc:b2:3d:34:8d:61:bd:3a:dc:1e:b1:ab:
9d:1a:a3:a2:ce:65:6b:32:8d:8b:73:92:43:fb:54:cd:fb:24:
b8:d8:db:c7:6c:85:e5:da:ad:7b:48:a1:bc:08:ec:de:56:75:
d3:d2:7a:20:3b:df:03:ce:1a:c4:f9:69:d4:48:20:d7:7e:64:
44:64:51:46:75:63:1d:db:0a:7a:06:62:e3:a4:06:ad:56:7a:
e7:9c:e9:d5:a0:76:ca:95:9b:4d:39:88:21:98:1d:8c:2c:fd:
50:14:d5:34
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQhRFaGpFtyFpAWCSiAMfrXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzYzZTVkYjA0MzVjMmQzZTc0YTZiMjhhZDNkOWMzMGQ2
YThjZWUwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTIxMjFmMjAyMTk3NDIwNmM0NGEzYTc2ZmQ3Y2E5MDUzODViOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnilnmYltRRrY4IGtry8Xb5IlhONc
Pbuna3WVrXi8FHJq0xjeGa2y6pNY9Wh6PxeSugsc6oOirZUXmtUkpQG4DlrtK29u
+QoVG0l+PqWRaI9JIjHRFiGb25QPfnFgtdwviheLVB94rEoVfGNi2gBfUnt/UG3M
k0s70dr78vt1ruSDJxv7RHHqt+t4M3Pd/v9AOTsQ4O8zK2WThvzuvabKs7q8zdyS
IDkBk/i3un96HM7yWlpxmYpxsacVmf8brn6IyX5ybJt2XvF+Gx2Xg1lIMnfFeWq2
bjqg6qTbvDgyzicIuxK66vTeQN65+FOP9nxWarNBMWEoL++WtLL7SysAswIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBkhIfICGXQgbESjp2/XypBThbmZMB8GA1UdIwQY
MBaAFD7GPl2wQ1wtPnSmsorT2cMNaozuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjIt
NTIwNThmOGE5YTFhLzEvR1NFaDhnSVpkQ0JzUktPbmI5ZktrRk9GdVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS80NmQ5NDMtOGNiZC00MWEyLWI5ZjItNTIwNThmOGE5YTFh
LzEvUHNZLVhiQkRYQzAtZEtheWl0UFp3dzFxak80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEVMnQAwQA
khO1AwQE2RQwMA8EAgACMAkDBwAqEkXH//8wDQYJKoZIhvcNAQELBQADggEBAHmj
EFbhBgksUeWY7+P9r10nrXGeWeWW45lF/v49trO2ymFiXkXK9lTIqPoL+ULdARYD
KKWeKYx2sXBBUZW/EQQ2lzlZHpQvIFxgdblTrCv/Y5TzoL4HFkh0LLBwxEydnQ3C
2bLknlY6QC9Qs2U0EBxN5Dqx/sP0UgZnDjoIYEAy+94Y6Fv4glFALPZbgBVaJffc
yLyVpcyyPTSNYb063B6xq50ao6LOZWsyjYtzkkP7VM37JLjY28dsheXarXtIobwI
7N5WddPSeiA73wPOGsT5adRIINd+ZERkUUZ1Yx3bCnoGYuOkBq1Weuec6dWgdsqV
m005iCGYHYws/VAU1TQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:58:08 2025 by rpki-client